The ‘Why’ Behind GravityZone PHASR

It’s been an incredible few weeks since Bitdefender announced the global launch of Gravity Zone PHASR, which enables Proactive Hardening and Attack Surface Reduction, unlike any technology to come before it.

We are honored to have analysts call it “groundbreaking” and to hear from customers who used it to drastically and rapidly shrink their attack surface and the related risk of Living off the Land (LOTL) attacks. These LOTL techniques are now utilized in 84% of major incidents.

But a question lingers: in a world full of cybersecurity technologies, why did we develop GravityZone PHASR? Why is it necessary and how is it different? These are key points I’d like to examine in the next few paragraphs.

Why Develop GravityZone PHASR?

PHASR is about more than launching a new product; it's about redefining how we think about cybersecurity and how we as an industry approach risk.

For years now, the security conversation has revolved around detection and response. These continue to be critical capabilities; however, the threat landscape has changed dramatically. Attackers are moving faster. They're interactive. They're using automation. They're using your trusted tools against you, operating system tooling and infrastructure management and automation tooling, and they're getting smarter at hiding in places most security tools don't look.

There are two metrics that stood out when I looked at the most recent Bitdefender Cybersecurity Assessment Report, an industry survey that we publish each year. The first thing is that 67% of respondents believe there's a strong need to reduce the attack surface by disabling unnecessary tooling and applications. The second thing is that more than a third of the respondents reported ongoing difficulties in preventing the misuse of legitimate tools, which ranked high on the list of concerns. This is why we challenged ourselves to do better. Let’s talk a little bit about the questions we asked in the process.

Fresh Thinking About Cybersecurity

What if we stop thinking just about detecting attackers as early as possible? What if we stop giving them room to move around in the first place? This is the simple and fundamental premise that led us to build something new, something designed not just to react to threats, but to reduce the likelihood of the threat to exist.

We validated the concept over many conversations with hundreds of customers, numerous value-added partners and MSSPs, CISOs, security strategists, industry analysts and cybersecurity professionals. We heard all of them telling us, yes, we need more control over the attack surfaces. We need it in a way that doesn't create more work or more noise. They told us they needed intelligent security that's personalized to their operating environment, so they would have fewer things to worry about.

Our response was to develop PHASR, which enables security hardening to be individualized. And it makes security policies adaptable to the specific risk profile of each user, each infrastructure component, each workload, and each business unit. And it learns continuously, which advanced security controls must do. Not just to support audits, but also capable of self-adjusting in real time.

We knew early on that addressing this kind of complexity could not be done with off-the-shelf thinking. It required a fundamental refresh of how you manage security posture and attack surfaces. It led our engineers to leverage AI not just to find what's bad, but to understand what normal looks like across the constantly evolving landscape, and automatically close off paths that attackers are most likely to take—with a high degree of confidence and fidelity.

You cannot build this type of technology in isolation. You must do it side by side with customers, with partners, and with MSPs, so that’s what we did.

We worked across Europe, North America, and Asia, looking at every insight, every use case, and everything that helped us shape Bitdefender GravityZone PHASR. We built this technology to be dynamic, to make real-time decisions based on actual behavior, and we designed it so that you don't need a massive team or a massive budget to benefit from it. Whether you're an enterprise or a mid-sized business, this technology is built to fit.

Looking to the Future of Cybersecurity

We see a future where the attack surface is constantly assessed, precisely reduced, and continuously aligned to the unique context of each business and user profile. We see a future where security enables innovation instead of limiting it, and with this launch, we’ve taken a major step towards that vision for our partners and customers. Your input has been invaluable. Thank you to everyone who contributed to this journey.

Now you know the “why” behind our latest Bitdefender innovation.

You can learn more about how it works on our PHASR page or in The Hacker News. And reach out for a private conversation to see PHASR’s unique approach for yourself.